How severe is CVE-2025-25234?

CVE-2025-25234 has a CVSS v3 score of 7.1 (HIGH).

CVE-2025-25234

Name: unified_access_gateway
Author: omnissa

7.1HIGH

Omnissa UAG contains a Cross-Origin Resource Sharing (CORS) bypass vulnerability. A malicious actor with network access to UAG may be able to bypass administrator-configured CORS restrictions to gain

Published: 4/17/2025Updated: 4/21/2025

Description

Omnissa UAG contains a Cross-Origin Resource Sharing (CORS) bypass vulnerability. A malicious actor with network access to UAG may be able to bypass administrator-configured CORS restrictions to gain access to sensitive networks.

AI AnalysisPowered by AI

Affected Products

omnissaunified_access_gateway

References

https://static.omnissa.com/sites/default/files/OMSA-2025-0002.pdf
Vendor Advisory
https://www.omnissa.com/omnissa-security-response/
Vendor Advisory